directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Wu, James C." <James.C...@disney.com>
Subject RE: add ldap entry in apacheds within simple authentication module
Date Wed, 17 Apr 2013 21:24:41 GMT
Hi,

I got into a problem using the suggested approach. The authentication module is used in the
bind process, which sets a read lock on the ldap store at the beginning before it reaches
the authentication module. In order to insert new entries, a write lock is required. However,
given that at the beginning of the binding process, there is already a read-lock, it is impossible
to get a write lock.

Is there any other place or classes/interceptors, I can overwrite to achieve the goal?

james


From: ayyagarikiran@gmail.com [mailto:ayyagarikiran@gmail.com] On Behalf Of Kiran Ayyagari
Sent: Friday, April 12, 2013 9:01 AM
To: Apache Directory Developers List
Subject: Re: add ldap entry in apacheds within simple authentication module



On Fri, Apr 12, 2013 at 9:13 PM, Wu, James C. <James.C.Wu@disney.com<mailto:James.C.Wu@disney.com>>
wrote:
Hi,

I am trying to override the simple LDAP authentication with a customer
external authentication source. After the external authentication
succeeds, I would like to insert the principal into the apacheds ldap
store.

I do not want to bind to apacheds as admin in the simple authentication
module as it seems to be absurd because simple authentication module is
already within the server process, it should be able to made changes to
the ldap store directly. I don't want to by-pass all interceptors though,
because I want the kerberos keys to be generated automatically by the
kerberos key derivation service.

Does anyone know how to do this?
just inject your custom authenticator and use the admin CoreSession from DirectoryService
to inject
the required entry after authentication succeeds

Regards,

James



--
Kiran Ayyagari
http://keydap.com

Mime
View raw message